User manual

Copyright © 2011, Unitech America Inc. All rights reserved.
MS246 User Manual
;33333333337676760707077676763333333333767676070707767676333333333376767
607070776767633333333337676760707?2
Decrypted data in hex:
2542343236363834313038383838393939395E42555348204A522F47454F52474520572
E4D525E303830393130313130303030313130303030303030303034363030303030303F
21
3B343236363834313038383838393939393D3038303931303131303030303034363F300
000000000
3B333333333333333333333736373637363037303730373736373637363333333333333
333333337363736373630373037303737363736373633333333333333333333373637363
73630373037303737363736373633333333333333333333373637363736303730373F32
0000000000
8.7 Level 4 Activate Authentication Sequence
The security level changes from 3 to 4 when the device enters authentication mode
successfully. Once the security level is changed to level 3 or 4, it cannot go back to a
lower level.
Activate Authentication Mode Command
When the reader is in security level 4, it will only transmit the card data when it is in
Authenticated Mode.
Authentication Mode Request
When sending the authentication request, the user must also specify a time limit
for the reader to wait for the activation challenge reply command. The minimum
timeout is 120 seconds; if the specified time is less than the minimum, 120 seconds
is used. The maximum time allowed is 3600 seconds (one hour). If the reader times
out while waiting for the activation challenge reply, authentication fails.
Device Response
When authentication mode is requested, the device responds with two challenges:
challenge 1 and challenge 2. The challenges are encrypted using the current DUKPT
key exclusive-ORed with <F0F0 F0F0 F0F0 F0F0 F0F0 F0F0 F0F0 F0F0>.
The decrypted challenge 1 contains 6 bytes of random numbers followed by the last
two bytes of the KSN. These two bytes may be compared with the last two bytes of
the clear-text KSN sent in the message to authenticate the reader. The user should
complete the Activate Authentication sequence using the Activation Challenge Reply
command.
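The host-side check described above, as an added Python example that is not code from the manual or from Unitech. The section does not name the block cipher, so `decrypt` is supplied by the caller; `standin_decrypt`, the sample key, KSN and random bytes are constructed placeholders, and rejecting timeouts above 3600 seconds on the host is an assumption.

```python
import hmac

VARIANT_MASK = bytes.fromhex("F0" * 16)    # mask given in the manual
MIN_TIMEOUT_S, MAX_TIMEOUT_S = 120, 3600   # limits given in the manual

def effective_timeout(requested_s):
    """Timeout the reader applies: values below 120 s are raised to 120 s."""
    if requested_s > MAX_TIMEOUT_S:
        # Assumption: the host rejects over-limit values instead of sending them.
        raise ValueError("timeout exceeds 3600 seconds")
    return max(requested_s, MIN_TIMEOUT_S)

def challenge_key(dukpt_key):
    """Current DUKPT key XORed with the F0F0... mask."""
    if len(dukpt_key) != len(VARIANT_MASK):
        raise ValueError("expected a 16-byte key")
    return bytes(k ^ m for k, m in zip(dukpt_key, VARIANT_MASK))

def verify_challenge1(enc_challenge1, clear_ksn, dukpt_key, decrypt):
    """Return the 6 random bytes if the KSN tail matches, else raise."""
    plain = decrypt(challenge_key(dukpt_key), enc_challenge1)
    if len(plain) < 8 or len(clear_ksn) < 2:
        raise ValueError("short challenge or KSN")
    random6, ksn_tail = plain[:6], plain[6:8]
    # Constant-time compare of the decrypted KSN bytes with the clear-text KSN.
    if not hmac.compare_digest(ksn_tail, clear_ksn[-2:]):
        raise PermissionError("KSN mismatch: reader not authenticated")
    return random6

def standin_decrypt(key, data):
    """Constructed placeholder, NOT a real cipher: XOR with the key so the sample runs offline."""
    return bytes(d ^ k for d, k in zip(data, key))

# Constructed sample values (not from the manual).
SAMPLE_KEY = bytes(range(16))
SAMPLE_KSN = bytes.fromhex("FFFF9876543210E00001")
SAMPLE_RANDOM = bytes.fromhex("A1B2C3D4E5F6")
SAMPLE_ENC = standin_decrypt(challenge_key(SAMPLE_KEY), SAMPLE_RANDOM + SAMPLE_KSN[-2:])

if __name__ == "__main__":
    print(verify_challenge1(SAMPLE_ENC, SAMPLE_KSN, SAMPLE_KEY, standin_decrypt).hex())
```

In a real host, replace `standin_decrypt` with the decryption routine for the cipher the reader is configured to use.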
Command Structure
Host -> Device: